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CLAIM AMENDMENTS 

1 . (Previously Amended) A method of monitoring software executing on a trusted 
computing device comprising: 

executing an integrity monitor in a protected partition on the trusted computing device, 
the integrity monitor configured to monitor guest software in a guest virtual 
machine on the trusted computing device and to take action if the guest software 
is deemed compromised; 

generating in the protected partition on the trusted computing device baseline values 
pertaining to the guest software in the guest virtual machine; 

storing the baseline values in a secure memory area; 

processing the guest software during runtime according to a predefined methodology to 

determine current runtime information; and 
comparing the current runtime information to the baseline values stored in the secure 

memory area to determine whether the guest software has been compromised. 

2. (Previously Amended) The method according to Claim 1 wherein generating the 
baseline values further comprises performing a hash function on the guest software to 
obtain a hash value. 

3. (Original) The method according to Claim 2 wherein performing the hash 
function on the guest software includes performing a hash function on one of each 
component of the guest software and a collection of components of the guest software. 
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4. (Original) The method according to Claim 2 wherein performing the hash 
function on the guest software to obtain the hash value further comprises at least one of 
performing the hash function on the guest software prior to execution to obtain an initial 
static baseline value and performing the hash function on the guest software immediately 
upon execution to obtain an initial runtime baseline value. 

5. (Original) The method according to Claim 4 wherein processing the guest 
software during runtime according to a predefined methodology further comprises 
performing the hash function periodically on the guest software during runtime to obtain 
a current hash value. 

6. (Previously Amended) The method according to Claim 5 wherein comparing the 
current runtime information to the baseline values further comprises comparing the 
current hash value to the baseline hash value. 

7. (Previously Amended) The method according to Claim 1 wherein generating the 
baseline values comprises retrieving the baseline values from a storage location on the 
trusted computing device. 

8. (Previously Amended) The method according to Claim 1 wherein storing the 
baseline values in the secure memory area further comprises storing the hash value in a 
trusted platform module ("TPM"). 
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9. (Previously Amended) The method according to Claim 1 further comprising 
performing a secure launch of the trusted computing platform prior to generating the 
baseline values. 

10. (Previously Amended) The method according to Claim 9 wherein storing the 
baseline values in the secure memory area further comprises storing the hash value in one 
of a TPM and a designated non-writable memory area. 

1 1 . (Original) The method according to Claim 9 further comprising executing at least 
a portion of the guest software in a designated non-writable memory area. 

12. (Original) The method according to Claim 1 wherein the predefined methodology 
includes at least one of a checksum, MD5 and SHAL 

13. (Original) The method according to Claim 1 wherein the protected partition 
includes a root virtual machine. 

14. (Previously Amended) A method of monitoring the integrity of a trusted 
computing device, comprising: 

launching a protected partition and a guest virtual machine on the trusted computing 
device; 

executing an integrity monitor in the protected partition and guest software in the guest 
virtual machine, the integrity monitor configured to monitor guest software in the 
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guest virtual machine on the trusted computing device and to take action if the 

guest software is deemed compromised; 
the integrity monitor processing the guest software in the guest virtual machine to 

generate a baseline hash value; 
storing the baseline value in a secure memory area; 

the integrity monitor periodically processing the guest software while executing to 

generate a current hash value; and 
the integrity monitor comparing the baseline hash value in the secure memory area to the 

current hash value to determine whether the guest software has been 

compromised. 

15. (Original) The method according to Claim 14 wherein storing the baseline value 
in a secure memory area includes storing the baseline value in at least one of a trusted 
platform module ("TPM") and a designated non-writable memory area. 

16. (Original) The method according to Claim 14 further comprising processing and 
storing a value corresponding to the integrity monitor. 

17. (Original) The method according to Claim 16 further comprising verifying the 
integrity monitor prior to comparing the baseline hash value to the current hash value. 
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18. (Original) The method according to Claim 14 wherein processing the guest 
software in the guest virtual machine to generate the baseline hash value includes 
retrieving the baseline hash value from a storage location. 

19. (Original) The method according to Claim 14 wherein launching a protected 
partition includes launching a root virtual machine. 



20. (Previously Amended) A system for monitoring software integrity, comprising: 
a trusted computing device 

a protected partition machine running on the trusted computing device; 

a guest virtual machine running on the trusted computing device, the guest virtual 
machine including guest software; 

a secure memory area on the trusted computing device; and 

an integrity monitor executing within the protected partition, the integrity monitor 

configured to monitor the guest software in the guest virtual machine running on 
the trusted computing device and to take action if the guest software is deemed 
compromised, the integrity monitor capable of generating a baseline hash value 
for the guest software initially, and a current hash value for the guest software 
during runtime, the integrity monitor further capable of storing the baseline hash 
value in the secure memory area, the integrity monitor further capable of 
comparing the baseline hash value and the current hash value to determine if the 
guest software has been compromised. 
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21 . (Original) The system according to Claim 20 wherein the secure memory area 
includes a trusted platform module ("TPM"). 

22. (Original) The system according to Claim 20 wherein the trusted computing 
device may calculate a hash value for the integrity monitor and store the hash value for 
the integrity monitor in the secure memory area. 

23. (Original) The system according to Claim 22 wherein the hash value for the 
integrity monitor may be used to verify the integrity monitor prior to enabling the 
integrity monitor to access the baseline hash value stored in the secure memory area. 

24. (Original) The system according to Claim 21 wherein the trusted computing 
device executes in Secure Execution Machine ("SMX") mode and the secure memory 
area includes one of the TPM and a designated non-writable memory area. 

25. (Original) The system according to Claim 24 wherein a secure launch module 
may calculate a hash value for the integrity monitor and store the hash value for the 
integrity monitor in the secure memory area. 

26. (Currently Amended) A n article comprising a tangibl e storage medium accessible 
by a trusted computing device, the tangibl e storage medium excluding propagated signals 
and having stored thereon instructions that, when executed by the trusted computing 
device, cause the trusted computing device to: 
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generate an integrity monitor in a protected partition on the trusted computing device, the 
integrity monitor configured to monitor guest software in a guest virtual machine 
on the trusted computing device and to take action if the guest software is deemed 
compromised; 

generate in a protected partition baseline values pertaining to components of guest 

software in a guest virtual machine; 
store the baseline values in a secure memory area; 

process the guest software during runtime according to a predefined methodology to 

determine current runtime information; and 
compare the current runtime information to the baseline values stored in the secure 

memory area to determine whether the guest software has been compromised. 

27. (Currently Amended) The artiele- storage medium according to Claim 26 wherein 
the instructions, when executed by the trusted computing device, further cause the trusted 
computing device to perform a hash function on the guest software to obtain a hash value. 

28. (Currently Amended) The artiete -storage medium according to Claim 27 wherein 
perform a hash function on one of each component of the guest software and a collection 
of components of the guest software. 

29. (Currently Amended) The artiele -storage medium according to Claim 27 the 
instructions, when executed by the trusted computing device, further cause the trusted 
computing device to at least one of: perform the hash function on the guest software prior 
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to execution to obtain an initial static baseline value and perform the hash function on the 
guest software immediately upon execution to obtain an initial runtime baseline value. 

30. (Currently Amended) The artiete- storage medium according to Claim 29 wherein 
the instructions, when executed by the trusted computing device, further cause the trusted 
computing device to perform the hash function periodically on the guest software during 
runtime to obtain a current hash value. 

3 1 . (Currently Amended) The artieie -storage medium according to Claim 30 wherein 
the instructions, when executed by the trusted computing device, further cause the trusted 
computing device to compare the current hash value to the baseline hash value. 

32. (Currently Amended) The arriete -storage medium according to Claim 26 wherein 
the instructions, when executed by the trusted computing device, further cause the 
machine to retrieve the baseline values from a storage location on the trusted computing 
device. 

33. (Currently Amended) The artiele -storage medium according to Claim 26 wherein 
the instructions, when executed by the trusted computing device, further cause the trusted 
computing device to store the hash value in a trusted platform module ("TPM"). 

34. (Currently Amended) The artiete -storage medium according to Claim 26 wherein 
the instructions, when executed by the trusted computing device, further cause the trusted 
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computing device to perform a secure launch of the trusted computing platform prior to 
generating the baseline values. 

35. (Currently Amended) The artiete -storage medium according to Claim 34 wherein 
the instructions, when executed by the trusted computing device, further cause the trusted 
computing device to store the baseline value in one of a TPM and a designated non- 
writable memory area. 

36. (Currently Amended) The artiste -storage medium according to Claim 34 the 
instructions, when executed by the trusted computing device, further cause the trusted 
computing device to execute at least a portion of the guest software in a designated non- 
writable memory area. 

37. (Currently Amended) The artiete -storage medium according to Claim 26 wherein 
the protected partition includes a root virtual machine. 
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